Howdy --
The ability to call arbitrary Java code from XQuery being accessible only to users with ADMIN privileges is generally sensible for obvious reasons.
However, it would be useful for users with ADMIN privileges to be able to install packages in such a way as to make classes contained therein accessible to less-privileged users.
Does such a mechanism already exist? If not, thoughts on feasibility?
With the current packaging architecture, I may get difficult to assign user privileges to specific functions or modules. Maybe the EXPath mailing list could be another target for discussing this (cc'ed/hi to Florent.. did you maybe have some plans on this issue?).
Regarding our own thoughts on reworking package management, we thought about introducing XQuery and Java annotations to restrict or extend privileges for specific functions or (?) complete modules. What do you think about that?
Christian ___________________________
On Tue, Mar 20, 2012 at 11:16 PM, Charles Duffy charles@dyfis.net wrote:
Howdy --
The ability to call arbitrary Java code from XQuery being accessible only to users with ADMIN privileges is generally sensible for obvious reasons.
However, it would be useful for users with ADMIN privileges to be able to install packages in such a way as to make classes contained therein accessible to less-privileged users.
Does such a mechanism already exist? If not, thoughts on feasibility?
Quick question --
Does the ADMIN restriction apply to classes extending QueryModule as well as those found via reflection?
I didn't see the permissions checks when poking around the relevant code, and am thus not quite sure where they are -- but to me, it would make sense to have QueryModule methods be responsible for running their own permission checks (as they're written for explicit use with BaseX), while continuing to require ADMIN for anything found via reflection. [This assumes that ADMIN, as opposed to WRITE, is needed to install such modules... I think there were changes in that regard recently?]
Does the ADMIN restriction apply to classes extending QueryModule as well as those found via reflection?
The QueryModule extension is an early intent to simplify the import of Java code. It hasn't been documented yet, and is subject to change. I agree that it should, and will, be treated different than arbitrary Java code performed via reflection. One of the ideas is to introduce annotations that will control the privileges required for executing a function or class.
Beside that, it's still quite a tricky task to add new modules to BaseX, as most statically known XQuery functions are either statically specified in the Function class, or embedded via EXPath packaging.
Christian
basex-talk@mailman.uni-konstanz.de
-
Charles Duffy -
Christian Grün